As the use of computer technology grows, security in message transmission is becoming an increasing concern. Specifically, today many businesses and governments transmit information over computer networks such as the Internet. In many cases, the information transmitted is of a secretive nature. For example, a business might need to transmit valuable trade secret information from one facility to another. Further, governments might need to transmit sensitive military or strategic information to allies and forces abroad. In any of these cases, the secretive nature of the information must never be compromised.
To date, many systems for encrypting or otherwise securing data have been developed. One common methodology is to use a security key that is a pseudo-random number. The security key is used as an exclusive-OR (XOR) value against bytes in the data. Typically, the pseudo-random number is generated using a method known to both the sender and the intended recipient of the data. Once encrypted, the data is transmitted to the recipient, who can then decrypt the data using a “seed” value and the pseudo-random number. Generally, a pseudo-random number generator on the sender side generates a new random number for each sequence of bytes to be encrypted. A pseudo-random number generator on the recipient side will generate the same sequence of pseudo-random numbers to decrypt the data. In methods such as these, there is a one-to-one correspondence of encrypted bytes to source bytes.
Typically, methods such as these create various security risks. For example, the encryption can be broken through trial and error. Specifically, security under these methods relies upon the complexity of the pseudo-random number (i.e., the “mask”). The more bits the mask has, the longer it will take to decrypt the message. However, given the advanced nature of today's computer technology, any encrypted data set (regardless of bit quantity in the mask) can be decrypted through trial and error in a finite amount of time.
In an attempt to address these issues, the above-incorporated patent application describes a state machine representation for encrypting and decrypting a message. The described state machine representation typically includes a set of nodes that are interconnected by transitional vectors, with each transitional vector being assigned a unique value. Some or all of the nodes in the state machine representation are assigned data values from the message, with each data value being assigned to at least one of the nodes. To encrypt the message, a start node will be identified and any path of transitional vectors will be traversed from node to node. As each transitional vector is traversed, its corresponding unique number will be recorded in sequence. When one of the data values in the message to be encrypted is encountered/reached at a node, a random number that is not representative of any of the transitional vectors is generated and recorded (in sequence with the unique values). This process continues until all of the data values in the message have been encountered/reached. Once complete, the recorded string of unique values and random values is outputted to a recipient who has access to a copy of the state machine representation. Using the string of values, the recipient can follow the sequence/path of transitional vectors traversed in encrypting the message to recover the data values.
As effective as the state machine representation of the incorporated patent application can be, various security risks can still be posed. Specifically, since both the encrypting party and the decrypting party must have access to the state machine representation, the state machine representation is typically distributed to both parties. During such distribution, it is possible for an intruder or other unauthorized party to intercept the state machine representation. If the intruder is also able to intercept the string of values, he/she could decrypt the message.
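The scheme described in the two preceding paragraphs can be sketched in Python as follows; this is an added illustration, not code from the incorporated patent application. The four-node graph, the vector values 11 to 17, the 16-bit range for the random values, and the choice of a shortest path (the text allows any path) are all assumptions made for the example. Note that `decrypt` needs only the state machine and the recorded string, which is exactly the pair an intruder would have to intercept.

```python
import secrets
from collections import deque

# Constructed sample state machine (an assumption): node -> data value.
NODE_DATA = {0: "A", 1: "B", 2: "C", 3: "D"}
# Transitional vectors, each with a unique value: value -> (source, destination).
VECTORS = {11: (0, 1), 12: (1, 2), 13: (2, 3), 14: (3, 0),
           15: (0, 2), 16: (2, 0), 17: (1, 3)}

def _path(src, symbol):
    """Breadth-first search for the vector values leading from src to a node holding symbol."""
    queue, seen = deque([(src, [])]), {src}
    while queue:
        node, taken = queue.popleft()
        if NODE_DATA[node] == symbol:
            return node, taken
        for value, (a, b) in VECTORS.items():
            if a == node and b not in seen:
                seen.add(b)
                queue.append((b, taken + [value]))
    raise ValueError(f"no reachable node holds {symbol!r}")

def _marker():
    """Random value that is not the value of any transitional vector."""
    while True:
        r = secrets.randbelow(1 << 16)
        if r not in VECTORS:
            return r

def encrypt(message, start=0):
    node, out = start, []
    for symbol in message:
        node, taken = _path(node, symbol)
        out.extend(taken)      # record each traversed vector's unique value
        out.append(_marker())  # data value reached: record a non-vector random value
    return out

def decrypt(values, start=0):
    node, plain = start, []
    for v in values:
        if v in VECTORS:
            src, dst = VECTORS[v]
            if src != node:    # the string does not describe a valid path
                raise ValueError(f"vector {v} does not leave node {node}")
            node = dst
        else:
            plain.append(NODE_DATA[node])  # non-vector value marks a data value
    return "".join(plain)
```

Because the marker values are random, two encryptions of the same message produce different strings, yet the sequence of vector values (the path) is the same for a fixed path-selection rule.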
In view of the foregoing, there exists a need for an improved state machine representation for encrypting and decrypting a set of data values, and a method for protecting the same. In addition, a need exists for a method, system and program product for encrypting and decrypting a set of data values using the improved state machine representation. To this extent, a need exists for nodes of the state machine representation to be grouped into distinct color segments, with no two directly connected nodes being in the same color segment. A further need exists for one or more of the nodes to have a termination (transitional) vector that leads to a termination point instead of to another node.